From f3e1cfee9f3b1903c9428bde366044f392ba5c70 Mon Sep 17 00:00:00 2001 From: Kenfe-Mickael Laventure Date: Wed, 9 Mar 2016 11:20:41 -0800 Subject: [PATCH] Update UserNamespaceInKernel test requirement to handle redhat On redhat based distribution, checking that USER_NS is compiled in the kernel is not sufficient, we also have to check that the feature as been enabled. With this commit, it is now done by checking the content of `/sys/module/user_namespace/parameters/enable`. Signed-off-by: Kenfe-Mickael Laventure Upstream-commit: 6cbff9505c992bd1e61ea7943737dac04ba665ea Component: engine --- .../integration-cli/docker_cli_userns_test.go | 2 +- components/engine/integration-cli/requirements.go | 13 ++++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_userns_test.go b/components/engine/integration-cli/docker_cli_userns_test.go index ab503b4038..967debd581 100644 --- a/components/engine/integration-cli/docker_cli_userns_test.go +++ b/components/engine/integration-cli/docker_cli_userns_test.go @@ -20,7 +20,7 @@ import ( // 1. validate uid/gid maps are set properly // 2. verify that files created are owned by remapped root func (s *DockerDaemonSuite) TestDaemonUserNamespaceRootSetting(c *check.C) { - testRequires(c, DaemonIsLinux, SameHostDaemon) + testRequires(c, DaemonIsLinux, SameHostDaemon, UserNamespaceInKernel) c.Assert(s.d.StartWithBusybox("--userns-remap", "default"), checker.IsNil) diff --git a/components/engine/integration-cli/requirements.go b/components/engine/integration-cli/requirements.go index 6b89494f91..a53d546b95 100644 --- a/components/engine/integration-cli/requirements.go +++ b/components/engine/integration-cli/requirements.go @@ -149,9 +149,20 @@ var ( */ return false } + + // We need extra check on redhat based distributions + if f, err := os.Open("/sys/module/user_namespace/parameters/enable"); err == nil { + b := make([]byte, 1) + _, _ = f.Read(b) + if string(b) == "N" { + return false + } + return true + } + return true }, - "Kernel must have user namespaces configured.", + "Kernel must have user namespaces configured and enabled.", } NotUserNamespace = testRequirement{ func() bool {